McAfee Discovered a New Mobile Malware in Google Play Apps
November 01, 2022 By Alberto Mesti
(Image Credit Google)
More than 20 million Android users lately received a warning from the computer security software company McAfee that they could become victims of harmful hidden files found in many apps. According to reports, this malware is a clicker that puts users at risk of numerous dangers.
Furthermore, the cited apps are allegedly responsible for an alarming rate of battery drain on mobile devices, according to a News.com.au investigation. In addition, it may eventually have an impact on hardware by decreasing the speed of the machine. McAfee claimed in a blog post that hackers are now creating malicious software to pose as helpful mobile phone tools before wreaking havoc on the system of the device. Additionally, this smartphone malware runs in the background and helps criminals produce illegal advertising revenue.
Moreover, McAfee researchers found that the new clicker
malware infected Google Play. As a result, a total of 16 previously accessible applications on Google Play have been found to have a malicious payload, with an estimated 20 million installations. Fortunately,
Google Play removed all of the discovered apps after McAfee security researchers alerted them of the malware, the company wrote in a blog post.
In a different post, McAfee said that malware writers construct
Facebook advertising pages to advertise these programs to new users. And because it has a link to Google Play and is shared via reliable social media, users will certainly download it.
More on the newly discovered mobile malware
According to McAfee experts, utility apps like QR Readers, Cameras, Unit Converters, and even the Flashlight function app had dangerous codes. The malicious payload was also found on other important apps, such as task managers.
Additionally, when users open the infected apps, the malware reportedly starts to run, according to McAfee. It then carries out an HTTP request to download its remote configuration. In addition, it registers the FCM (Firebase Cloud Messaging) listener to receive push messages after downloading the settings.
On another note, users must proceed with the utmost caution as these applications may resemble official Android software. These apps include ad fraud tools that take advantage of mobile devices in a number of different ways. The developer of security software told the public that they fixed the issue and revealed that McAfee security researchers notified Google, who then removed all of the affected apps from Google Play. Users are additionally protected by Google Play Protect features, which disable these Android apps.
Here is a list of the impacted apps that McAfee made available to help users identify these risky apps:
- BusanBus (com.kmshack. BusanBus)
- Currency Converter (com.smartwho. SmartCurrencyConverter)
- EzDica (com.joysoft.ezdica)
- EzNotes (com.meek.tingboard)
- Flashlight+ (com.candlencom.candleprotest)
- Flashlight+ (com.dev.imagevault)
- Flashlight+ (kr.caramel.flash_plus)
- High-Speed Camera (com.hantor. CozyCamera)
- Instagram Profile Downloader (com.schedulezero.instapp)
- Joycode (com.joysoft.barcode)
- K-Dictionary (com.joysoft.wordBook)
- Quick Note (com.movinapp.quicknote)
- Smart Task Manager (com.james. SmartTaskManager).
By Alberto Mesti
Introvert. Eccentric at times. A fashion enthusiast, designer and writer. Lives for the drama, hates being at the centre of it. Can be best described as \'wannabe modern day Lady Whistledown\'.